Andries -
Thanks, that's the exact page I was following when I first tried to set it up.
drill-env.sh:
DRILL_MAX_DIRECT_MEMORY="8G"
DRILL_HEAP="4G"
export DRILL_JAVA_OPTS="-Xms$DRILL_HEAP -Xmx$DRILL_HEAP
-XX:MaxDirectMemorySize=$DRILL_MAX_DIRECT_MEMORY -XX:MaxPermSize=512M
-XX:ReservedCodeCacheSize=1G -Ddrill.exec.enable-epoll=true
-Djava.library.path=/opt/pam/ -Ddrill.exec.http.ssl_enabled=true"
export SERVER_GC_OPTS="-XX:+CMSClassUnloadingEnabled -XX:+UseG1GC "
drill-override.conf:
drill.exec: {
cluster-id: "clusterid",
zk.connect: "node01:2181,node02:2181,node03:2181"
security.user.auth {
enabled: true,
packages += "org.apache.drill.exec.rpc.user.security",
impl: "pam",
pam_profiles: [ "sudo", "login" ]
}
http: {
enabled: true,
ssl_enabled: true,
port: 8047
},
}
I also set the users and user_groups in sys.options:
0: jdbc:drill:> select * from sys.options WHERE type = 'SYSTEM' and name like
'security%';
+-----------------------------+---------+---------+----------+----------+------------------------+-----------+------------+
| name | kind | type | status | num_val |
string_val | bool_val | float_val |
+-----------------------------+---------+---------+----------+----------+------------------------+-----------+------------+
| security.admin.user_groups | STRING | SYSTEM | CHANGED | null |
jon.snow,emerson.wang | null | null |
| security.admin.users | STRING | SYSTEM | CHANGED | null |
jon.snow,emerson.wang | null | null |
+-----------------------------+---------+---------+----------+----------+------------------------+-----------+------------+
2 rows selected (0.256 seconds)
Jose A. "Tony" Alfaro // Application Systems Administrator
ViaSat, Inc.
Email : [email protected]
desk : 720.568.3061
mobile: 720.467.9481
-----Original Message-----
From: Andries Engelbrecht [mailto:[email protected]]
Sent: Thursday, November 12, 2015 9:07 AM
To: [email protected]
Subject: Re: How to setup user authentication for the WebUI?
Try looking at this page
https://urldefense.proofpoint.com/v2/url?u=https-3A__drill.apache.org_docs_configuring-2Dweb-2Dui-2Dand-2Drest-2Dapi-2Dsecurity_&d=BQIFAg&c=jcv3orpCsv7C4ly8-ubDob57ycZ4jvhoYZNDBA06fPk&r=aFp43i9OHbKPAwg9pA572ji1Jcjj2xwJK3bO-qY8f3U&m=G5gaSyt7huoRxcZzJWvU-tNUvfbntKY-fdkIDywmqf8&s=13BTcwnaq8_z8_FIxVwSEimkAaZQ9uiZ-V-e02w1758&e=
<https://urldefense.proofpoint.com/v2/url?u=https-3A__drill.apache.org_docs_configuring-2Dweb-2Dui-2Dand-2Drest-2Dapi-2Dsecurity_&d=BQIFAg&c=jcv3orpCsv7C4ly8-ubDob57ycZ4jvhoYZNDBA06fPk&r=aFp43i9OHbKPAwg9pA572ji1Jcjj2xwJK3bO-qY8f3U&m=G5gaSyt7huoRxcZzJWvU-tNUvfbntKY-fdkIDywmqf8&s=13BTcwnaq8_z8_FIxVwSEimkAaZQ9uiZ-V-e02w1758&e=
>
I didn't set the http settings you list in drill-override.conf, instead i added
this to drill-env.sh export DRILL_JAVA_OPTS="$DRILL_JAVA_OPTS
-Ddrill.exec.http.ssl_enabled=true"
Also make sure to add some admin users and groups.
1. alter system set `security.admin.users`='admin1,admin2,...';
2. alter system set `security.admin.user_groups`='admingroup'; and add users
to the group.
--Andries
> On Nov 12, 2015, at 7:44 AM, Alfaro, Tony <[email protected]> wrote:
>
> I've done as the documentation said and installed jpam, user auth works with
> the command line access tools (bin/drill-conf -n user -p pass), but the
> webui's don't show a login page, only the data for number of drill bits, the
> hostnames for each bit, the port addresses, and direct memory numbers. The
> drill-env.sh file contains the path declaration for jpam as /opt/pam/ (where
> it was installed) and the drill-override.conf has the following drill.exec
> section:
>
> drill.exec: {
> cluster-id: "clusterid",
> zk.connect: "node01:2181,node02:2181,node03:2181"
> security.user.auth {
> enabled: true,
> packages += "org.apache.drill.exec.rpc.user.security",
> impl: "pam",
> pam_profiles: [ "sudo", "login" ]
> }
> http: {
> enabled: true,
> ssl_enabled: true,
> port: 8047
> },
> }
>
> Is there something obvious I'm missing to get the user login page to show?
>
> Jose A. "Tony" Alfaro // Application Systems Administrator ViaSat,
> Inc.
> Email : [email protected]<mailto:[email protected]>
> desk : 720.568.3061
> mobile: 720.467.9481
>
